June 2013 Issue
Threat of the month
Threat of the month: Java exploit
Flaw in BlackBerry Protect app addressed, impacts Z10
eConference: Auditing and compliance 6/25
Connecting the dots
The Data Breach Blog
The SC Awards Finalist Blog
SC Awards U.S.
SC Congress Toronto
SC Congress New York
SC Congress Chicago
Microsoft offers reward in MyDoom case
SonicWALL sells VPN and firewall solution
CFO Survey: Security Key Concern
Prepare for more threats on Valentine’s Day
Top 10 list of web application vulnerabilities released
SonicWALL to sell WAN-WAN security solution
MyDoom worm spreads around world
CipherTrust Boosts Anti-spam Arsenal
TruSecure send out early warning signs
PKWare expands reach of SecureZIP
TruSecure product nixes vulnerabilities based on company assets
More sophisticated email fraud emerges
Preparing for battle
Vormetric Wins Patent
The big decision: To outsource or not?
We can’t live in a risk-free world...
The spy within: So who can you trust?
Strategies to beat the virus writers
Let’s work together like the cyber attackers do
On the Highway: Forensics really can help you stop future attacks
Security firms produce all-in-one access key
TFS Technology aim for Unix users
ISS Offers Money-Back Guaranteed SLA
Critical infrastructure companies must be mindful of infosec
Check Point offers dedicated internal protection
StoneSoft opens up to IBM
Lawyer offers tips to companies for avoiding RIAA lawsuits
PortWise to sell in Australasia
Check Point unleashes intelligent software
Corporations Risk Harboring Infoterrorists through Negligence
Improving Critical Infrastructure Protection: CISSPs are Getting it Done
After the 'Space Odyssey'
SECURITY LIBRARY: Incident Response - Investigating Computer Crime
An Effective Managed Security Relationship Depends on the SLA
U.S. Secret Service Electronic Crimes Task Force - We Need You to Join Us!
Worries of Wireless
VoIP Security: Is Anyone Listening?
IDS: Alarms, Not Walls
Leveraging a Super-View of the Individual User
SECURITY CAMERA: Power to the People
Information Assurance and Corporate Governance: Engaging Senior Management
Developing an ISAP ASAP
Hacking: The Cyberworld's Oldest Profession is Indispensable R&D
FTC encourages public to report spammers
Privacy in an Internet World?
Lawyers Draft IT Security Professionals for Litigation Support Duty
The Cyberspace War
Keeping Secrets (Part 1)
Sharing Infosec Information
Information Security Outlook for Asia Pacific
Network IDS Shortcomings: Has NIDS Reached the End of the Road?
Hackers Get Green Light
Security: State of the Enterprise
Security Awareness Training - It's Time To Get Serious
Put the Plug on those Productivity Drains and Turn On the Taps of Efficiency
You've Got a Whole Lot to Lose On the Web
Board Action Critical to IT Governance Success
Virtual Private Networks (VPN): The Insecure Solution
Managing Your Security Risks: Ten Questions to Ask Before the Next Product Demo
What's In Store For Infosecurity?
Information Anarchy? One Simple Solution
Keeping Secrets (Part 2)
SECURITY CAMERA We Have the Technology - Don't We?
SECURITY LIBRARY: Know Your Enemy
African Fraud Schemes
In Contemplation of Our Small World
Accelerating Security Policies thru Middleware
SECURITY LIBRARY: Hacker's Challenge
Wanted by the FBI: New InfraGard Members!
Security Demands Action
Is Microsoft at Odds with Best Security Practices?
PDA Security Policy - Worth Its Weight in Gold
Thinking About Security as you Build Your Architecture
Identity Theft Highlights the Importance of Data Responsibility
Security Threats of Pervasive Computing
The Sky Is Falling (Again)
The Human Factor
Network Security: A New Virtual Foot Soldier Against Cyberterrorism
Auditing Software Licensing
Of 'Zombie' Computers and DDoS Attacks: The Security Liability
In Internet Battle
My Personal Firewall: I Should Have Listened to It!
Grey Hair, Wrinkles and Sun Spots in the Aging Firewall Market
Twenty Years of Smartcards and Smartcard Attacks
W-LAN security issues revealed
Mimail takes on a new disguise
Applying the Patch Post September 11
ISO 17799: Our Two Cents
Mind Shifts In Progress
Can You Trust Microsoft?
Consultancy unveils Basel II compliance framework
Taking the 'N' Out of VPN
A Little Bandwidth Helps Out in an Emergency
Shrinking IT Budgets Call for Stronger IT Governance
SECURITY CAMERA: Storage, Where's the SANs in That?
Outsourcing IT Security
Standardizing Penetration Testing
Attacks Keep Coming
Guerrillas in Our Midst
Why Business Continuity Planning is Difficult
Protecting our Children - You Need to Read This!
Lies, Damned Lies and Statistics
Pro-Privacy is Good For Business
SNMP Apathy - How Much Time Do We Have?
The Security Equipment Adjustment Cycle
You Have Been Warned
Are Corporations Making the Internet Safe for Hackers?
Regulating Security: Telecoms Regulation and Information Security
Using Application Service Providers Securely
SECURITY CAMERA: Looking After Number One
A Real Form of “CyberLiability” Emerges
It Never Ceases to Amaze Me
Playing Defense in Information Warfare
What Good Is Foreknowledge?
Authentication - Was That Really You Who Just Logged In?
SECURITY LIBRARY: CERT Guide to System and Network Security
Suspicious Web Services Want YOU!
Identity Management - Delivering Security and Value
Protecting Consumer Privacy Is as Easy
Will the Web Ever Be Secure?
Educating and Policing with Policy
Lessons of the Honeypot I: Aggressive and Careless
Cryptographic Policy - What’s the Blowback?
Information Security: Addressing the Human Factor
Is Information Security Crossing the Proverbial You Know What?
Information Availability - the Future of Business Continuity
When Worlds Collide: Physical and Information Security
Secure Mobile Data Comes of Age
The Right Analysis at the Right Time
Close the Door on Unwanted Guests: Keys to a Safe and Secure Wireless Network
SECURITY CAMERA: A Home Run
Authentication: From Passwords to Public Keys
Computer Forensics - You Need It Now More Than Ever!
The ‘Risk Gap’: Business Perspectives on Security
To Hide or Not to Hide?
New Security Perspectives: What U.S. Firms Can Learn From Overseas
When the Hackers Come Knocking
Putting Spam Back in the Can
Summer’s Long Days: Bouncing from Thought to Thought
Survival in the Security Space: Taking a Closer Look at the Ingredients for Longevity
The Changing Face of Security Penetration Testing
Business Continuity Management is Not a Luxury
802.11b Security Needs Beefing Up - And Then Some
Cookies and Web Bugs and Spyware, Oh My!
Wake Up and Smell the Coffee
Economic Models for Information Security
Winning The Virus War - But When?
Penetration Testing: Thinking outside the Black Box
Calculating PKI Return on Investment - Why Is It So Difficult?
Looking for Security Problems, Focus on Organizational Fault Lines
Very Unique Product Will Transform Your Life!
Communications Security in the 21st Century
(ISC)²’s Common Body of Knowledge and the HIPAA Security and Privacy Rules
Take Back Your Security Infrastructure
Chasing Infosec Budgets and the Loch Ness Monster
Security Training - The Essentials
The Privacy of Data in Motion
SECURITY CAMERA Propagating Viruses - Who Me?
Open File Solutions: Optimization for ‘Now’
For Mid-Sized Organizations, High Security Can Be Low Cost
Self Help for the Invincible
Taking a Realistic Approach to Remote Authentication
Is Every Crime Becoming a Cybercrime?
Securing the Network Edge
Mobile Security: New Needs on New Devices
The Art of War
Fire and Brimstone in 21st Century Security
Expect the Unexpected
ROI Strategies for Reducing Risk
Before a Fall
Interpol Tracks Information and Communication Technology Crime
Addressing the Internet’s ‘Human Factor’
Lessons Learned in Global IDS Deployment
SECURITY CAMERA: Who Said Crime Doesn’t Pay?
Lessons of the Honeypot II: Expect the Unexpected
Coping with ISP failure
PINs, Signatures and Countering Fraud
Where In the World Did I Put That File?
Money Alone Won't Solve Network Security Issues
Why Application Security is the New Threat
Fighting the Good Fight
Business Issues Relating to the Patriot Act
Planning for a disaster is half the work - Can you recover?
Protecting Documents and Data Shouldn’t Stop at the Server
There’s no escaping the dentist and cyber planning
Roller-Coaster MSS Industry: An Update
Managed Security Service Providers Are Dead - Long Live MSSPs
Do It Yourself Security: Cutting Our Umbilical Dependence on the Consultant Community
SECURITY CAMERA: A Christmas Carrot
What Happens When Email Goes Wrong?
The Anatomy of a Security Incident Response Team
Battle for the Cards: Signatures versus PINs
Network Intrusion Detection 3rd edition
The Accomplice, Protector and Informer
Web Services: Convenience at a Price
Not Every Card Offers Well Wishes
Securing Enterprise Application Portals
Seeking a Secure Relationship?
A Proper Diet of Information Security
Computer Security - What's Hiding In Your Closet?
Antivirus firms in a frenzy
e-Security in the Public Sector
New Technology and Security Déjà Vu
The Truth about Digital CCTV
Incentives for Avoiding a Cyber Pearl Harbor
Monitoring Security from the Inside Out: Intrusion Detection at the Configuration Level
Of Votes and Cyberspace
Centrally Managed Network Security: Hope or Reality?
Rules or Signatures?
3Com includes security for switches
Making Sense of “Homeland Security”
Intrusion Detection: Let’s Make Some Real Progress, Today!
Secure Computing - Blended Viruses: A New Era in Anti-Virus Protection
Real-World IT Security - The Social Engineering Perils of Commuting
Dedication is what you need?
Smart ID Cards to Protect Citizen Privacy
It Could Never Happen to Us…
Super! Ultra! Jumbo! Privacy as the New Multi-Purpose Word
Trusted Information Awareness - Another Name for Domestic Spying?
Redefining Email Security Policies
Securing and Managing Electronic Messaging in the Enterprise
White Hat v. Black Hat
For Your Eyes Only - Maximizing Security in a Closed Environment
PKI - Why Go Through the Hassle?
Businesses Should Not Fear Teleworking Security Issues
Networks Risk Grounding Without Airport-Level Security
Security Issues for Remote IT Delivery
Not Everything You Always Wanted to Know About Web Services Security
Securing Online Payments
How to Get Boardroom Buy-in on Business Continuity
Cooperation More Important Than Competition
Costs Versus Benefits in Securing Your Applications
Cyberterrorism: Are We Leaving the Keys Out?
Securing the Last Unprotected Area of the Network
Security Tools within the Common Criteria Framework: Part 2
Novell updates identity management software
Application security - the weakest link
Don’t Blame the Pigeons
Security and Web Services
Securing Image Content in Email
Security Tools within the Common Criteria framework
The Best Free (and Cheap) Security Software Part 1: Hashes and Encryption
Do Firewalls and IDS Create a False Sense of Internal Security?
New Technology Cracks Down on ID Theft?
The Secret of Agents
Cyberliability: Turning the Spotlight to Internal IT Security
A Next-Generation DoS Attack: ‘Distributed Reflection’
Scalable Encryption Solutions for Today’s Environment
The Six Honest Men of Business Continuity Planning
Companies Look to Long-Time Networkers to Combat Cyberthreats
Smashing The Millstone
The Threat of Internet Worms
What to Look for in a Web Application Protection System
From Business Policy to Network Policy
Perimeter Defense Model for Security
PKI Policy in the Business Environment
What’s In a Name?
Would You Please Swear in the Chief Security Officer?
Researchers find vulnerabilities in anti-virus software
Web Site Availability
Simplifying Network Security
A Practical and Realistic Approach for Testing the Performance of Firewalls: What Your Security Vendors Don't Want You to Know
Maximizing Network Performance with Quality-of-Service Solutions
Buffer Overflow Vulnerabilities, a Challenge for Everyone
The Politics of Vulnerabilities
Information Security on The Internet
e-Security Threats aren't Just the Enemy of the Corporate
Digital Signatures: What Can Businesses and Consumers Expect?
Distributed Denial-of-Service Attacks - Hacker Tools of the Trade
Optical Network Security Demands a New Performance Threshold
The Next Virus
Microsoft XP - Solving Security Concerns or Still a Liability?
Fingerprint Authentication: Shifting the Electronic Security Paradigm
Ensure Your Pocket Time-Bomb Doesn't Blow Up In Your Face!
VeriSign tagged to manage RFID
Software Compliance: A Helping Hand in an Economic Downturn
A Network Security Checklist
The Most Commonly Overlooked Security Holes
Evaluating the Security Risk Between Business-to-Business and Business-to-Consumer
Designing and Deploying Effective Defenses Against Denial-of-Service Attacks
Untangling Security Issues to Enable Web-based Email Access
Using File Hashes to Reduce Forensic Analysis
Signature-Based or Anomaly-Based Intrusion Detection: The Practice and Pitfalls
Hacker Repellent: Deterring Hackers on a Shoestring Budget
Application-Level Defense: The Email Battlefield
How do you stop the threat from within?
Infosec is news in the year of the worm
Central control: Let’s get it all together
Readability is vulnerability
Out of patience with exposed Windows
Blackout blues ...and what you can do to avoid them
Does size really matter?
Laptop stolen? No need to fret: How to minimize the pain
Holistic paths to security
Washington gets tough
Resist the urge: No more point solutions
Asking a clear question
The fine art of deception
Faster and more secure
Making the right connection: Which VPN - SSL, IPsec or both?
The masters of disguise: Do you know who your users are?
The stronger, the better
Skills to tame the Tigers
Guarding the spoken word
The network detectives
A risky business: Insurance in cyberspace
C-level sponsors: Factoring in the business bottom line
Policy that lives: Enforcing security in spite of the users
Sinking in a sea of spam
Spyware: Invading user privacy
Putting the pieces in place
Owning up to cyberattack
Tracking down cybercriminals
Laptop lockdown: Tracking down the thief
Mirapoint secures its email solutions
Reducing the stream of false positives
Kaspersky to protect Samba server
The language of the market
Online security training for employees
Talk time: Instant messaging and the enterprise
Consultant's view: Testing with open eyes
Timing security practices for web application success
Blocking attacks on applications
Issues for SAN security
Guarding the keep: Storage security
Predicting the next outbreak
HIPAA: Keeping the security rules
HIPAA: Now comes the security Challenge
Consultant’s view: It’s only a workstation
Web services: Useful but dangerous?
Free to roam Tackling WLAN security
Tips for WLAN security
Locking down the airwaves
Consultant's View: Oh …that security patch
On your marks: Get set for the next IT hurdle
Who runs your security?
Evolving a role in infosecurity
Trusting the big boys
Danger money: The challenge of risk management
Analysts forecast a boost for budgets
Vulnerability Testing: Keeping a tight ship
Consultant's View: I’m OK, I have a firewall
New tools for the job ahead
Hunting out the rogues
Hackers: Are you inviting them in?
Witches’ brew of concerns
Time to act: New challenges in 2004
No person is an island
Get qualified: Certification - that’s the name of the game
Revolution or evolution?
Sticking up for security
Protect the road warrior ...and deter the black hats
Cutting down the noise
Keeping out the intruders: Detecting and preventing
United we stand, divided we flounder
Real risk or shadow? The threat of cyberterrorism
Passwords exposed: Users are the weakest link
Is privacy a real concern?
Biometrics: Finding a niche at last
Where is DR headed?
Facing disaster in Britain
Keeping IT running
Battling for budget: Diverging perspectives
Battling for budget: Security for the pragmatist
Battling for budget: Obtaining solid support
Battling for budget: Selling security to CEOs
Shackled by the rules? Going for the light touch
Shackled by the rules? Unlock the opportunities
Unmasking the authors
Defenses for the ‘click and hack’ age
Do you feel the force? Malware can pull you apart
Putting Information Security into Focus
Security? I’ve Got It
A Healthy Dose of Security Skepticism
An Industry Built on Sand?
Snapshots For Security
Security-Spending Winners and Losers for 2003
Biometrics - Problem or Solution?
New Blends of Email Threats
Netilla to take on Europe
Business Impact Analysis: the Starting Block for Business Continuity
Handheld Computing Power: A Two-Edged Sword
Database security: protecting sensitive and critical information
Evidence Preservation vs. Business Continuity: An Ongoing Electronic Struggle
The Need for Quality Security Policy Enforcers
Integration: The Only Way to Manage and Grow a Saturated E-security Industry
Breaking the Security Logjam
Is Cyberterrorism a Serious Threat to Commercial Organizations?
Communicating the Language of Information Security
Securing Online Payments
Crying Wolf on Cyberterrorism?
Trojan email disguised as Microsoft mail
Making Life Easier: Top 12 Things CSOs Need to Keep in Mind
Aligning IT Security with Business Needs
Microsoft and the Return of PKI
The Good and the Bad for Selecting Security Measures
The Danger Inside Your Firewall
Unrealistic Pricing Degrades U.K. Business Security
Automated Vulnerability Assessment: How to Underpin Your Security Investment
Waking Up to Reality: Security and Handheld Computing Devices
Securing a Complex Communications Environment: Ten Top Tips
Change Management: What If it All Goes Wrong?
The Five Critical Stages of Policy Management
Future Challenges in Pervasive Computing Environments
Preventing Fraud Online: Digital Fingerprinting of PCs
Hints and Tips on Securing your Mobile Workforce
On the Offensive over Identity Theft
Information Security: Regulation and Legislation
Memorized Passwords: The Gateway to Identity Theft
Who’s Reading Your Email?
SSL is the ‘Industry Standard’ - But Is ‘The Industry’ Good Enough?
The Economic Return of Security
White-hat Hacking 101
Legal Denial-of-Service Attacks
Open Source Security: Better Protection at a Lower Cost
Managing Your Network’s Security
Security Qualifications - Are They Worth It?
Reaction Remedies - The Way it Should Work: A CA Guide to Effective Network Security
Patch Management - The Foundation of IT Security
Has There Ever Been a Better Time to Talk Up Vulnerability Assessment?
Protecting Your Privacy and Identity
Content Security - DIY or ISP?
PKI is Dead - Long Live Certificates!
Making Your Security Policy Work
Will Wireless Ever Be Secure?
Intellectual Property - Stopping the Thief!
Security Policy Management: Email Risk Controls
Trend Micro targets SME
Are You Safe On the Web?
Security holds its value despite offshore trend
Meeting the Challenge of Identity Management: The Role of VPNs and Biometric Authentication
Security Patches and Negative ROI Equal Corporate Stupidity
Jurassic Park, the Insurance Model and the Economic Return of Security
Electronic Identity: On the internet nobody knows you are a citizen
Protecting Your Business in the Right Places - Securing Applications
Technology is Not the Only Solution to Wireless Security?
Putting the ‘I’ Back in ID
Business Leaders and IT Security – Will the Two Ever Have a Meeting of Minds?
The Role of the Corporate Information Security Steering Committee
Trusted Digital Identities - Not Just For People Anymore
Curbing Internet Content Piracy
Cracking Down On Laptop Security
Combating Enterprise Vulnerability
How to Ensure Complete Web Transaction Privacy - Even After Your Data is Stored
Times Get Tough
Nameless in Cyberspace: Protecting Online Privacy
Identity Management Case Example
How to Buy Security
Managing the Security of Data Flow
Data-Secure Hard Drives?
Web-Based Games: Playing to Lose
The New Age of e-Commerce
Time to Own Up to Email Management
Protecting Wireless LAN Access with Smartcard SIMs
Are Remote Users Your Security Blind Spot?
Consolidation in the Security Solution Marketplace - How to be a Winner
Lock Up Your Data
Selecting the Right PKI - Know What to Ask For
For Your Eyes Only: Securing Sensitive Data from Rogue Staff
Business Continuity: Planning for Many Levels
Certification, Education and Experience
Business Continuity and Risk Management: Distant Cousins or Partners in Crime?
Simple, Efficient Security Products are the Key to Successful Policy Enforcement
Powerful Security Benefits for the Big Picture
Tackling the Growing Problem of Online Identity Theft
Coping with security risks from all angles
Call center security
Security policies - the constantly moving goalposts
Evaluating the return on security investment (ROSI): Where’s the problem?
Biometrics that turn cons into pros
Building the pillars of success for a security career
Evaluating the return on security investment: Where’s the problem?
Control System Security in the Age of Cyberterrorism
Why Can’t Our Guys Do This?
Privacy Falls Through the Web
Out-of-Band Management for Windows Server 2003
A Balanced Approach to Performing a Security Assessment
Solving the Security Concerns of Flexible Working
Thinking Outside the Box About Operating System Security
The Art of War: Part 1
Wardialing - The Forgotten Front in the War against Hackers
Security Devices Don’t Always Save Companies from Hackers
The Art of War: Part 2
Ebay Phishing scam hits home
Cyberwarriors Doing Battle with Themselves
Placing Strategic Security on the Front Burner
The Art of War: Part 3
Intrusion Prevention and Detection: Are They Just Missing the Point?
Expert vs. Expertise: Computer Forensics and the Alternative OS
The Art of War: Part 4
Changing the Game
The Art of War: Part 5
Is Patch Management a Failing Strategy?
The Art of War: Part 6
The lunatics have taken over the asylum
Securing your business - a never ending story
The Myth of ROI: Not every expense is an investment
The growth of eBusiness Security
The future’s bright, the future is SSL VPNs
Freeing the Shackles with Secure Remote Working
The Art of War: Part 7
Are your Web servers haemorrhaging cash?
Digital Evidence Accreditation Has Arrived
Taking a Proactive Approach to System Security Policy Compliance
Questions from the security zone: Are all VPNs created equal?
Business continuity in the supply chain
Trojans = Double Trouble
Workplace Recovery - ensure your technical requirements are met
Security as part of the strategic gameplan
The Myth of Information Security ROI: Not Every Expense Is an "Investment"
Shutting The Stable Door After The Horse Has Bolted?
Freeing the Shackles with Secure Remote Working
Security Training: An Holistic Approach
Security Awareness for Software Developers
Are You Indulging In Unprotected Wireless?
SSL VPN Gateways: A New Approach to Secure Remote Access
The challenge of making enterprise management secure
Not me Guv!
The Need for Secure Project Management
A new generation of security solutions
The Different Faces of Policy Enforcement
Bridging the Digital Divide in Security
Embracing Mobility: Three Steps to an Effective Mobile Security Policy
All For One and One For All
Applying The Art of Forensics to Network Security
“Cradle-to-Grave”: Career Path Support Needed for Information Security Professionals
Human + documents = security threat
Making protection pay - The business benefits of IT security
Email Encryption in the Financial Sector
Biometric security: more bottom-line benefits, less James Bond
“When spammers attack!”
The Person-to-Person Problem
Giving a "worm" welcome: The financial sector's move to open source security products
Managing Passwords Without Compromising Security
Phishers target Bank of England
Crackers, Hackers and Thieves - don’t make their Christmas - leave your Handhelds at home!
Financial scams to increase in 2004
The rise of the malicious spammer
E-voting company hacked
Clavister and D-Link to combine forces
Allied Bakeries opts for Double-Take
Visa to combat card fraud
BindView adds patching to its products
Anti-spam watchdog investigates itself
Main Line choose RSA for securing patient records
Volvo plans to secure users’ PDAs
Lights are on for security vendors
Tory leader in hot water over spam
Intelligence agencies shortlist for security contract
Sun sets on Cobalt
Free forum on network security
Do you consider Jeremy Hammond's hack of Stratfor to be an act of civil disobedience because he did it for moral reasons and not to profit?
SC Magazine Articles
Bad Pigs removed from Google Play after 10k users download bogus app
Another victim comes forward in massive ticketing software company breach
IT decision makers are more optimistic about breach detection than they should be
Trojan uses fake Adobe certificate to evade detection
Secret U.S. cyber actions exposed by Snowden leaks demand much larger debate
Feds charge eight in international fraud ring
Oracle releases Java update to close 37 high-risk vulnerabilities
Tor to blame for its users being unable to access Facebook
FDA calls on manufacturers, hospitals to better protect medical devices
Scammers exploit interest in NBA finals to spread Facebook spam
Microsoft's new bug bounty program offers up to $11k in incentives
Veterans' patient information found in recycle bin
Flaw in BlackBerry Protect app addressed, impacts Z10 smartphone users